There are many situations where reliable identification of an individual is desired. For example, in the medical field procedures are often implemented for requiring authorization by a physician and/or attending nurse for dispensing medication, such as to safeguard the dispensation of controlled substances, to ensure dispensation of proper medications and quantities, etc. Accordingly, a procedure may be established by the medical facility requiring that the physician and the nurse sign orders for dispensing medications. Unfortunately, such signatures are often difficult to read, are relatively easily forged, and require the use of paper or hard copies of the documents being authorized. The foregoing technique requiring signatures of the physician and nurse, therefore, do not provide reliable identification of the authorizing individuals or reliable transaction auditing. Moreover, such techniques requiring the use of paper or hard copies of the documents are not environmentally friendly and are incompatible with a more modern, paperless office.
Another example of situations where reliable identification of an individual is desired is when granting access to various resources for which controlled access is desired. Continuing with the foregoing medical field example, controlled access may be desired with respect to patient records, clinical resource scheduling, etc. Accordingly, procedures may be established by the medical facility whereby each user creates a user name and password for electronically accessing particular applications, such as a patient records database application, a clinical resource scheduling application, etc. Unfortunately, the use of such user names and passwords is often not user friendly. For example, a user is often required to implement multiple layers of user names and passwords, such as one set of user name and password to access a network system and separate sets of user names and passwords to access individual applications available through the network system. Creating, remembering, and managing such user name and password sets, particularly where different applications impose different requirements regarding such user names and passwords, becomes a challenging task for the user. Moreover, the use of such user name and password does nothing to actually provide identification of the user because any individual who acquires the user name and password set may obtain access to the corresponding resource.
One previous technique for providing user identification and/or controlled access to a resource has been to issue radio frequency identification (RFID) cards to users. Accordingly, a user may hold an RFID card near an RFID reader for user identification and/or gaining access to a controlled access resource. Such techniques, however, provide no identification of the user because any individual possessing the RFID card will be identified as the user to which the card was issued. Moreover, the response by the RFID card to a reader inquiry is unchanging, and thus the RFID identification technique is susceptible to replay attacks. For example, an eavesdropper may monitor the communication between the RFID card and RFID reader and thus obtain information from a user's RFID card. This obtained information may subsequently be provided to a RFID reader to “spoof” the identification of the legitimate user. The foregoing replay attack is made even more vulnerable due to there being no authentication of the RFID reader, thereby allowing an imposter RFID reader to readily obtain the RFID card information. Various RFID based identification and/or controlled access techniques further present a weakness in that there is no mutual authentication between the RFID reader and the resource to which access is granted. Thus, even where the RFID identification technique itself operates properly, the technique may be circumvented through interaction with a resource directly.
Another previous technique for providing user identification and/or controlled access to a resource has been to use challenge-response based access control. According to such a technique, a smartcard or other device having processing capability (collectively referred to herein as a smart user device) is used with an identification host (e.g., smartcard reader) to implement a challenge and corresponding response for identification and/or access control. For example, a smart user device and identification host may share a secret key for use in a challenge-response, whereby the identification host provides a challenge message encrypted using the key (e.g., a random number) to a smart user device in communication therewith. In response, the smart user device may use the key to obtain the challenge message, compute a response using the challenge message, and return a response message encrypted using the key. As with the RFID technique discussed above, such a challenge-response technique provides no identification of the user because any individual possessing the smart user device will be identified as the user to which the device was issued. Moreover, the challenge-response is susceptible to a “man-in-the-middle” attack, wherein an unauthorized device is disposed in the communication path between the smart user device and the identification host, passing the challenge and response messages between the smart user device and identification host but intercepting and controlling session data provided thereafter (e.g., taking over interaction with the identification host after the challenge-response). The vulnerability of the challenge-response technique is further exacerbated by there being no authentication of the identification host, thereby allowing an imposter host to issue challenges to a smart user device in an effort to determine the proper challenge-response combination for use in later spoofing the smart user device to a legitimate identification host. Various challenge-response based identification and/or controlled access techniques further present a weakness in that there is no mutual authentication between the identification host and the resource to which access is granted. Thus, even where the challenge-response identification technique itself operates properly, the technique may be circumvented through interaction with a resource directly.
Yet another previous technique for providing user identification and/or controlled access to a resource has been to provide a technique implementing a smartcard reader with fingerprint verification. For example, a terminal may be provided which includes both a smartcard reader and a fingerprint reader which are operated cooperatively to provide user identification and/or resource access control. The smartcard portion of the technique implements a traditional challenge-response technique, as described above, and thus suffers from weaknesses with respect to man-in-the-middle attacks and no identification host authentication. The fingerprint portion of the technique typically implements centralized storage (e.g., identification host or server based storage) of user fingerprint data (e.g., fingerprint exemplars), thereby presenting privacy issues with respect to user biometric data. Moreover, the combined smartcard reader with fingerprint verification techniques present a weakness in that there is no mutual authentication between the terminal and the resource to which access is granted. Thus, even where the smartcard reader with fingerprint verification identification technique itself operates properly, the technique may be circumvented through interaction with a resource directly.
Various authenticated key exchange protocols have been implemented which provide mutual authentication between two systems. For example, International Standards Organization (ISO) (e.g., ISO/IEC 9798), sign and MAC (SIGMA), just fast keying (JFK), Diffie-Hellman (D-H), secret key exquisite mutual encryption (SKEME) (public key encryption D-H protocol), and high-performance Menezes, Qu, and Vanstone (HMQV) (high-performance secure D-H protocol), authenticated key exchange protocols have been implemented to provide mutual authentication. These authenticated key exchange protocols, however, do not provide for identification of a user, but rather authenticate the devices implementing the key exchange protocols. Systems implementing such mutual authentication protocols are shown in U.S. Pat. No. 5,225,664 to Iijima, U.S. Pat. No. 5,721,781 to Deo, et al., U.S. Pat. No. 5,544,245 to Tsubakiyama, and U.S. Pat. No. 6,757,825 to MacKenzie, et al. None of these systems set forth a solution providing a combination of user authentication, server authentication, user identification, and mutual authentication between an identification host and a resource for which access is controlled. For example, Iijima provides only for mutual authentication, Deo et al. provides public key based authentication of smartcard transactions with no specific mutual authentication protocol and no biometric user information, Tsubakinyama only provides mutual authentication between two entities using symmetric key encryption, and MacKenzi et al. provides a public key based mutual network authentication protocol for two parties.